16996 matches found
CVE-2019-1010204
GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...
CVE-2019-1010204
GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...
CVE-2019-1010204
CVE-2019-1010204 affects GNU binutils, specifically the gold linker. The vulnerability arises from a combination of improper input validation , signed/unsigned comparison , and an out-of-bounds read in the code paths for gold/fileread.cc:497 and elfcpp/elfcpp_file.h:644. The documented impact is ...
CVE-2019-1010204
GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...
Oracle MySQL Server 5.7 <= 5.7.25 / 8.0 <= 8.0.15 Security Update (cpujul2019) - Linux
Oracle MySQL Server is prone to an unspecified denial of service vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle MySQL Server <= 5.6.44 / 5.7 <= 5.7.26 / 8.0 <= 8.0.16 Security Update (cpujul2019) - Windows
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...
The vulnerability of the gpg data encryption tool from the gnupg package, related to errors in pointer arithmetic, allows a perpetrator to trigger a service failure.
The vulnerability of the gpg data encryption tool from the gnupg package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to trigger a service failure, by passing a specially crafted file as an argument to the command line...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...
UBUNTU-CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156...
EulerOS 2.0 SP2 : binutils (EulerOS-SA-2019-1728)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - binutils: integer overflow leads to heap-based buffer overflow in objdumpCVE-2018-1000876 - An issue was discovered in GNU Binutils 2.32. It i...
Parrot Security 4.7 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind
Parrot is a GNU/Linux distribution based on Debian Testing and designed with Security, Development and Privacy in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own software or protect your privacy while...
Hudson CI Detection (Auto Discovery)
The scripts tries to detect a Auto Discovery service of a Hudson CI server and to extract a possible exposed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the G...
CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
AZL-35105 CVE-2019-13636 affecting package patch for versions less than 2.7.6-9
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
ALPINE-CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
Design/Logic Flaw
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
CVE-2019-13636
CVE-2019-13636 affects GNU patch; the vulnerability arises from mishandling of following symlinks in inp.c and util.c in certain cases beyond input files. Public references describe potential for arbitrary file access/overwrite and, per Debian, shell command injection or escape from the working d...